def check_ssh_with_certs(hostname=None):
"check if certificate-based SSH access works"
config = configuration.get_config()
if hostname is None:
if config.keyserver is None:
command.fail("no keyserver found")
node = config.keyserver
else:
node = config.get_node(hostname)
env = dict(os.environ)
if "SSH_AUTH_SOCK" in env:
del env["SSH_AUTH_SOCK"]
if "SSH_AGENT_PID" in env:
del env["SSH_AGENT_PID"]
keypath = access.renew_ssh_cert()
try:
result = subprocess.check_output(
ssh.SSH_BASE +
["-i", keypath,
ssh.ssh_get_login(node), "echo", "confirmed"],
env=env)
except subprocess.CalledProcessError as e:
command.fail("ssh check failed: %s" % e)
if result != b"confirmed\n":
command.fail("unexpected result from ssh check: '%s'" %
result.decode())
print("ssh access confirmed!")
def check_ssh_with_certs(hostname=None):
config = configuration.Config.load_from_project()
if hostname is None:
if config.keyserver is None:
command.fail("no keyserver found")
hostname = config.keyserver.hostname
env = dict(os.environ)
del env["SSH_AUTH_SOCK"]
del env["SSH_AGENT_PID"]
keypath = access.renew_ssh_cert()
try:
result = subprocess.check_output(["ssh", "-i", keypath, "root@%s.%s" % (hostname, config.external_domain), "echo confirmed"], env=env)
except subprocess.CalledProcessError as e:
command.fail("ssh check failed: %s" % e)
if result != b"confirmed\n":
command.fail("unexpected result from ssh check: '%s'" % result.decode())
print("ssh access confirmed!")